Hi All,
I am looking for a complete CD/DVD set to install a Debian Sarge on a PC
currently without Linux.
Is a Sarge CD/DVD sufficient, or does this only permit to upgrade a
Woody installation?
Has anybody got these CDs/DVD so that I could copy them?
Regards,
-PU
Yes, I was a bit emotional in the last posts, and I wasn't always fair
resp. did not accept some facts to prove my point. Now I see that I
agree with Eric concerning important technical points, even if we have
different philosophical views.
Some may think that the subject may now be OT. Ok, these people can skip
this mail if they want. I believe that we are all concerned by mail
problems and that the last posts may also have put some facts in a new
light, so it may be worth to keep some key elements of it.
I agree that we should give up some freedom to get a bit more security.
There are already infected PC's (modificated Netsky worms) who are
sending "propaganda from the political right wing" to anybody using my
E-Mail address as sender. I know this because I get sometimes "mail
delivery errors". This is not nice, and I am ready to rethink and
reconfigure my system to make life harder for these abuses. But I must
get informed by the provider to prepare myself in advance.
I did not mention it anymore in the last post, but blocking port 25 was
not a problem for me at all (as I wrote the 28 May in this list). My
girlfriend couldn't send any mail as long as I was not there (because I
could't prepare myself in advance) but after I had identified the
problem I simply used the alternative port 587 (RFC conformant) to send
mail. I was glad that my mail provider Puretec supported this.
So blocking port 25 was not the problem. But you need a mail provider
who supports this alternative port.
Eric, I know I was a bit unfair by saying that nobody uses the ISP
provider's relay to send mail. There are many, I know. But there also
people who send mail through their mail provider's SMTP server, which is
perfectly legitimate.
Blocking port 25 and relaying customer's mails through the ISP
provider's server also makes sense at the moment. The ISP can filter the
mails for worms (which might otherwise not be possible) and can not only
log the connections but also the mail headers of all outbound mail
(although some packet filters might also be able to do this (to look
inside IP packets)). And you are right: There is currently no worm which
would send through the ISP relay. I can't you show one, because I know
of none. But as you said yourself: The internet today is not the
internet of 10 years ago. You will see that the internet of tomorrow
will not be the internet of today. In other words: The ISP mail relay
solution you are using is only a temporal solution. As soon as this
technique will be in widespread use (which will be the case if ISPs
block port 25 and only allow access to their own mail relay), the worms
(and the spammers who exploit remote controlled infected systems) *will*
abuse it (we both agree that this will be trivial).
The SMTP protocol dates back to 1983 and is not suitable anymore for
today's internet. But I dislike temporal solutions that have been
invented by several ISPs. I want a definitive solution that has been
developed by the internet community. Actually this already exists: SMTP
over SSL. It has already been implemented my all major mail clients
(including Mozilla, Eudora and even Outlook). Now is the time for the
ISPs to implement this community developed standard. And you do not need
port 25 anymore, as SSL uses port 443!
I wonder if PT actually guarantees you the "relay service", or if they
were just to lazy to configure their SMTP server otherwise (as I know PT
I suspect that the latter might be true).
Also remember that any PT customer is able to send mails using your ETH
address though the PT relay. Thus even by examining the mail header, I
can not verify that this mail is really coming from you (if you do not
signature your mail)! As long as your mail has not been relayed by ETH's
mail servers the authenticity of your mail is questionable. Ok, I know
that it is possible to fake the headers by spoofing ETH's IP addresses,
but this is outside the possibilities of infected PCs and spammers.
We need SMTP authentification over SSL, there is no way around this. The
other solutions are temporal at best.
Prepare that PT will block all non @pt.lu mails sometime in the future.
Hope that they will warn you on time!
Greeting, Patrick Kaell
Here an explanation for those who have no clue about SMTP:
Mail Client ------> My Mail Provider ------> Recipient's Mail Provider
SMTP SMTP
The "Mail Client" usually uses a dial up IP address. This is often an IP
address which is on a Black List. Therefore the "Recipient's Mail
Provider" would not accept it directly. The "Mail Client" therefore
sends the mail to the "My Mail Provider". This host can authentificate
the mail: the mail must be from the domain the "My Mail Provider"
administrates and the E-Mail address must exist. A spammer cannot use
"My Mail Provider" as an open relay because he has not a valid account
on this server. The "My Mail Provider" sends the mail to "Recipient's
Mail Provider". The "Recipient's Mail Provider" accepts the mail because
the "My Mail Provider" has a fixed IP address and this IP address is not
an a Black List.
For those who still do not understand why it is not a good idea for
Coditel to relay their customer's non xyz(a)coditel.lu addresses, here's
the explanation:
Unlike "My Mail Provider" Coditels relay could not ensure that I did not
fake my From field. Infact I could even use a non existent address (as
long the domain exists in the DNS). Coditel would essentially be an open
relay reserved for their own customers. The From field could be anything
a worm would find in a address database, Coditel's mail server could not
filter it.
Everybody understands?
I mean if you understand the SMTP protocol and the fact I do not want to
change my own E-Mail address everytime I change a dialup service, than
you will see that I use my dialup access in a *sensible* way.
And yes: The engineless car is waiting for you ;-))))))
Patrick Kaell
Fedora C1: MSI Mega 180 based PVR using MythTV (following Jarod's
Guide)(will change to Debian testing soon)
Debian testing: Asus L8400k personal Laptop
Debian testing: Testing PC
muLinux: Texting PC
greetings
Jang Lemmer
At Thursday, 01 July 2004, Thierry Coutelier <Thierry.Coutelier@linux.
lu> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Patrick Useldinger wrote:
>| I am not sure I should really do this, there's been too much arguing
>| already. But, looking at this from a different point of view, I am
>| curious to know who uses *which* distro for *what* purpose.
>|
>| So would you care, if you wish to participate, to send _one line per
>| distro you use_ to this mailing list, in the form:
>|
>| distro 1: purpose 1
>| distro 2: purpose 2
>| [...]
>|
>
>Fedora C1: desktop at work -> we wanted to stay on the RedHat line
>Suse9.1: desktop on my PC and laptop -> useful for giving courses
>Debian sarge: test PC
>RedHat 7.2: Production servers at work (should go to Fedora C2 when I
>finally get
>time to repackage our software)
>Fedora C1 (upgraded from RH9): Lilux server -> I's working.
>
>| Disto in the sense of Unix/Linux flavour.
>|
>|
>| _______________________________________________
>| Lilux-help mailing list
>| Lilux-help(a)lilux.lu
>| http://lilux.lu/mailman/listinfo/lilux-help
>
>- --
>Thierry Coutelier Président LiLux asbl
>7, Rue Jacques Sturm L-2556 Luxembourg
>Office:+352 710725 608 Home:+352 406776
>http://www.linux.lu/
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.3 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFA47wlPOfrcNNQX7oRAtnLAKCJoPsJVUCo1XHQunflK7clD4+gcwCdFSxz
>IYvbQKKFJcYpAjO+vgDAsgA=
>=gFS4
>-----END PGP SIGNATURE-----
>_______________________________________________
>Lilux-help mailing list
>Lilux-help(a)lilux.lu
>http://lilux.lu/mailman/listinfo/lilux-help
>
----------------------------------------------------------
There are only 10 types of people in the world:
Those who understand binary and those who don't.
----------------------------------------------------------
===================================================================
EASY and FREE access to your email anywhere: http://www.web.lu/web2mail/
===================================================================
